sonar-dotnet icon indicating copy to clipboard operation
sonar-dotnet copied to clipboard

Published 20 hours ago verified publisher icon SonarSource

SE: Avoid FPs in concurrent code

Open Tim-Pohlmann opened this issue 7 months ago • 0 comments

Concurrent code can easily cause FPs in our symbolic execution engine. E.g.:

class ErrorLogger
{
    public Queue<Exception> Queue { get; set; }
    
    public async Task Start()
    {
        Queue = new();
        
        do
        {
            await Task.Delay(1000);
            if (Queue.Dequeue() is { } exception)    // FP: S4158
                Console.WriteLine(exception);
        }
        while (true);
    }
}

We should investigate approaches to increase our precision for concurrent code.

Some ideas:

  • Disable rules when specific code patterns are found.
    • lock - we already do this for S2583/S2589
    • async - this is most likely too broad
    • concurrent collections
  • Do not learn/forget constraints for specific data types like concurrent collections.
  • Do not track fields and properties for async methods and methods that include lock statements. This would fix the example above.

Tim-Pohlmann avatar Jul 08 '24 13:07 Tim-Pohlmann